Next-Generation Firewall Discussions

Welcome to the Next-Generation Firewall Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

Using NAT64 to reach overlapping ipv4 networks

Hello! My problem is a little more complex than the scenario below, but I'm trying to keep it simple. Let's say I have a machine "v6client" on an IPv6-only network with IP 2001:db8::10. It's directly connected to an interface in virtual router vr1. Then, let's say I have two servers "server1" and "server2". Both of them have the same IP 19...

Any good way to block DeepSeek by PaloAlto Firewall(PA-820)

Could you tell me a good method to block DeepSeek ? Thank you very much.

Resolved! Pan-OS 10.2.13-h4 known issues

Hello everyone, Can I ask if anyone already installed Pan-OS 10.2.13-h4 on their firewalls? Any issues with this hotfix? I am hesitant to install it after reading reddit comments about the 10.2.13-h3 and how it breaks IPv6.

Source account mapped

Hi All, We have purchased an Palo alto 220 series firewall however while registering the devices we are getting an attach error. Can someone help me to identify how can i know where my device has been mapped.

Download PAN OS 9.1.16-h5 for PA-3020 FW

How to Download PAN OS 9.1.16-h5 for PA-3020 FW as it is reached end of life.. unable to find the PA 3020 firewall software updates in suport portal.

Resolved! PA-440 logging tab emtpy

Hi there, just got my new HA pair of two PA-440's up and running. I noticed a strange thing, the logging tab is empty, what's the cause of this? Btw, the cli shows logs via "show log traffic direction equal backward dst in x.x.x.x" Thx Daniel

Zone protection question

Hi Team, I’d like to add an IP to be exempted from zone protection. Is this possible on the firewall? How we can achive this please suggest

Resolved! Bi-direction Nat logic

hi I have configured a static bidirection NAT which is Trust to Untrust source address 10.149.192.32 destination 10.90.129.51 service any source translation 200.22.1.32 and turned the bi-directional: yes. I have the security policy any and routing 10.149.0.0/16 and 200.22.0.0/16 is Trust,10.90.129.51 Untrust. I have done troubleshooting from Tru...

Resolved! Two PA-440 - Need PANOS Update for Lab

Bought two 440's second hand before knowing about updates etc.Starting a small business and these will be used for proof of concept/demo's etc. Without a partner, what is the most cost effective way we get updates to get started?

Resolved! Deepseek addition to artificial-intelligence subcategory ETA?

Do we have a known ETA of when we can expect DeepSeek to be added to the artificial-intelligence subcategory?With the rapid developments in Washington and other nations having that visibility without custom filters would be wonderful!NGFW

issues with traffic passing through vWire

hi guys, i'm trying to set up a new Palo Alto firewall, a PA 440, for a customer. But they want minimal impact on their network and don't want to change anything, so i proposed setting up a vWire so they change nothing and can benefit from the inspection features of the new Palo box. pretty much here's how it kinda looks like: ISP Router --> ...

Failed to download due to Empty file returned by update server. Please try again later.

Failed to download due to Empty file returned by update server. Please try again later.HW : PA440sw 11.2.4-h1 seeig this error when trying to download 11.24h4 It worked on another firewall with same SW Tried with update server : updates.paloaltonetworks.com and us-static.updates.paloaltonetworks.com Nothing works, please help to fix the issue

GP VPN / Routing

Hi All, I have a question: So we have a Parent Company name A and we have an existing IP SEC S2S tunnel and we are forwarding the routes for Server and Voice. Now we have a new client on our Company, and that client consist of 3 users only. So, their work setup is hybrid. So our client users are located on Parent company site CH, JAPA...

Power Adapter and Cable for PA-460 Firewall

Hello, I would like to confirm the type of power adapter and cable used to power the PA-460 firewall. Specifically, I need to know the connector type on the AC side of the adapter and whether it uses an IEC-60320 C5 or a different standard. This information is crucial for connecting the device to a data center rack PDU with C13 outlets. Thank yo...

Errors and commit warnings after 11.1.2-h3 upgrade

Hi, If anyone could shed some light on the issue below, it would be greatly appreciated. Since upgrading my PA-440 to 11.1.2-h3 (preferred version), I am seeing the following two issues: 1. Every 5 minutes, there is a system log error:Failed to perform task resulting in connection timeout with WildFire Cloud wildfire.paloaltonetworks.com 2. Af...

Discussions

Welcome to the Next-Generation Firewall Discussions!

Using NAT64 to reach overlapping ipv4 networks